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1 A holistic approach to service survivability 

Angelos D. Keromytis, Janak Parekh, Philip N. Gross, Gail Kaiser, Vishal Misra, Jason Nieh, 
Dan Rubenstein, Sal Stolfo 

October 2003 Proceedings of the 2003 ACM workshop on Survivable and self- 
regenerative systems: in association with 10th ACM Conference on 
Computer and Communications Security 

Publisher: ACM Press 

Full text available: ■ gjjpdfd.58 MB) Additional Information: full citation , abstract , references , index terms 

We present SABER (Survivability Architecture: Block, Evade, React), a proposed 
survivability architecture that blocks, evades and reacts to a variety of attacks by using 
several security and survivability mechanisms in an automated and coordinated fashion. 
Contrary to the ad hoc manner in which contemporary survivable systems are built-using 
isolated, independent security mechanisms such as firewalls, intrusion detection systems 
and software sandboxes-SABER integrates several different techno ... 

Keywords: intrusion detection, overlay networks, survivability 



2 Internet WORMS: past, present, and future: Access for sale: a new class of worm 
Stuart E. Schechter, Michael D. Smith 

October 2003 Proceedings of the 2003 ACM workshop on Rapid malcode WORM 03 

Publisher: ACM Press 

Full text available- HI pdf(95 1 1 KB) Additional Information: full citation , abstract , references , citings , index 
" I*- 6 - 1 ' terms 

The damage inflicted by viruses and worms has been limited by the risks that come with 
the more lucrative payloads. The problem facing authors of self-reproducing malware is 
that monetizing each intrusion requires the author to risk communication with the infected 
system. Malware authors looking to minimize risk and maximize loot have been better off 
carefully targeting trojan horses at a few systems at a time. However, this could change if 
malware authors could infect a large number of systems ... 
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3 Just sick about security 
Jeff Williams 

September 1996 Proceedings of the 1996 workshop on New security paradigms 
Publisher: ACM Press 

Full text available: ^ pdf(659,59 KB^ Additional Information: full citation , index terms 




http://portal.acm.org/results.cfm?coll=ACM&dl=ACM&CFID=1669920&C 



7/17/06 



Results (page 1): "global update" +patch +virus +inoculation 



Page 2 of 2 



4 Intrusion detection and modeling: Design space and analysis of worm defense 
strategies 

David Brumley, Li-Hao Liu, Pongsin Poosankam, Dawn Song 

March 2006 Proceedings of the 2006 ACM Symposium on Information, computer and 
communications security ASIACCS '06 

Publisher: ACM Press 

Full text available: ^ pdf(723.02 KB) Additional Information: full citation , abstract , references , index terms 

We give the first systematic investigation of the design space of worm defense system 
strategies. We accomplish this by providing a taxonomy of defense strategies by 
abstracting away implementation-dependent and approach-specific details and 
concentrating on the fundamental properties of each defense category. Our taxonomy and 
analysis reveals the key parameters for each strategy that determine its effectiveness. We 
provide a theoretical foundation for understanding how these parameters interact ... 

Keywords: antibody, blacklisting, defense strategy analysis, local containment, proactive 
protection, worm propagation, worm taxonomy, worms 




5 Data integrity: Web application security assessment by fault injection and behavior Q 
monitoring 

Yao-Wen Huang, Shih-Kun Huang, Tsung-Po Lin, Chung-Hung Tsai 
May 2003 Proceedings of the 12th international conference on World Wide Web 
Publisher: ACM Press 

Full text available: fjjpdf(4.53 MB) Additional Information: full citation , abstract, references , citings, index 
^ terms 

As a large and complex application platform, the World Wide Web is capable of delivering a 
broad range of sophisticated applications. However, many Web applications go through 
rapid development phases with extremely short turnaround time, making it difficult to 
eliminate vulnerabilities. Here we analyze the design of Web application security 
assessment mechanisms in order to identify poor coding practices that render Web 
applications vulnerable to attacks such as SQL injection and cross-site scr ... 

Keywords: black-box testing, complete crawling, fault injection, security assessment, 
web application testing 




6 Security watch: Superscaled security 
Rebecca T. Mercuri 

March 2004 Communications of the ACM, Volume 47 issue 3 
Publisher: ACM Press 

Full text available: fig) pdf(68.48 KB) AJJV ,, r ....... 
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Exponential increases in computational speed, memory capacity, and bandwidth impose 
futuristic security demands and challenges. 
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